trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
541 Commits 1 Branch 0 Tags
9e9120f02b2e3c7aee2e618c498b09f8bae1126d
Commit Graph

541 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Long
9e9120f02b Implementing blacklist on wef_inputs.conf 
Resolving Issue #436
 2020-05-03 17:08:22 -07:00
Chris Long
f0a7b1481f Typo 2020-05-02 22:21:24 -07:00
Chris Long
b314066e06 Fixing Splunk regex 2020-05-02 22:20:48 -07:00
Chris Long
c8514a49a4 Merge pull request #434 from olafhartong/patch-1 
Added missing subscription forward rule
 2020-05-02 12:17:39 -07:00
Olaf Hartong
7476ff94df Added missing subscription forward rule 2020-04-30 21:53:05 +02:00
Chris Long
6de7ffa8d5 Reverting last update to install-redteam.ps1 2020-04-25 23:03:03 -07:00
Chris Long
3f12ac524a Update install-redteam.ps1 2020-04-25 12:20:25 -07:00
Chris Long
7ba7b6904b Merge pull request #431 from clong/update_readme_esxi 
Update README.md and ESXi logger code
 2020-04-23 19:38:06 -07:00
Chris Long
1cb90374f6 Merge branch 'master' into update_readme_esxi 2020-04-23 19:37:58 -07:00
Chris Long
71206dc243 Update README.md and ESXi logger code 2020-04-23 19:35:26 -07:00
Chris Long
9f14610928 Update README.md 2020-04-18 23:23:36 -07:00
Chris Long
203d7a4638 Fixing eth1 ip detection logic 
Interfaces can have multiple IP addresses, causing this step to fail in Virtualbox
 2020-04-18 22:53:35 -07:00
Chris Long
78130b2b78 Merge pull request #427 from clong/nullqueue2 
Add some Splunk nullQueues for noisy events
 2020-04-18 16:00:50 -07:00
Chris Long
d1d0566773 Add some Splunk nullQueues for noisy events 2020-04-18 15:59:54 -07:00
Chris Long
c238b8e21f Add hosts entry for WEF on the DC 
Fixes a DNS problem with Microsoft ATA
 2020-04-18 15:38:05 -07:00
Chris Long
e9804b4c69 Merge pull request #425 from clong/win10_activation 
Fix Win10 Activation Issue on Terraform
 2020-04-18 13:23:48 -07:00
Chris Long
091c221a87 Revert AZ change 2020-04-18 13:23:13 -07:00
Chris Long
f81f715147 Fix Win10 Activation Issue on Terraform 2020-04-18 13:19:28 -07:00
Chris Long
7c0b8907db Fix path for install-utilities.ps1 2020-04-17 22:02:29 -07:00
Chris Long
37d7d1dfd1 Fixing Splunk app filename 2020-04-17 13:58:12 -07:00
Chris Long
60f89345af Override Bootstrap DNS Settings 2020-04-16 22:00:05 -07:00
Chris Long
3fde431699 Small logger bugfixes 2020-04-14 13:29:58 -07:00
Chris Long
f38e45e608 Merge pull request #420 from clong/logger_bugfix 
Fixing logger bugs, updating vm tools, updating Win10 ISO
 2020-04-13 00:10:00 -07:00
Chris Long
03c96430a5 Merge branch 'master' into logger_bugfix 2020-04-13 00:09:52 -07:00
Chris Long
a67ce6efb5 Fixing logger bugs, updating vm tools, updating Win10 ISO 2020-04-13 00:05:49 -07:00
Chris Long
ffffcf3cce Update main.tf 2020-04-09 02:30:38 -07:00
Chris Long
dbfa998ec2 Update install-windows_ta.ps1 2020-04-08 00:20:01 -07:00
Chris Long
0c82c97576 Merge pull request #414 from MHaggis/master 
Bootstrap.sh Error fixes
 2020-04-07 22:57:07 -07:00
Mike Haag
2b37af791d Bootstrap.sh Error fixes 
Errors during install:
-     logger: Error during app install: failed to extract app from /vagrant/resources/splunk_forwarder/splunk-add-on-for-microsoft-windows_700.tgz to /opt/splunk/var/run/splunk/bundle_tmp/2ade41e05f0e68dc: No such file or directory

-     logger: Error during app install: failed to extract app from /vagrant/resources/splunk_server/add-on-for-microsoft-sysmon_1062.tgz to /opt/splunk/var/run/splunk/bundle_tmp/eeef7b83a2d6b716: No such file or directory

1. Fixed the forwarder error by placing the updated TA in the forwarder path.
2. fixed server error, this was caused by a typo in the name.
 2020-04-06 09:04:23 -06:00
Chris Long
fd804a083d Fixing the Splunk nullqueue 2020-03-28 02:30:06 -07:00
Chris Long
c7e013558a Resolving merge conflicts 2020-03-27 14:58:18 -07:00
Chris Long
34d8a39c43 Multiple bugfixes, add dashboard 2020-03-27 14:53:04 -07:00
Chris Long
0f5faccf46 Update main.yml 2020-03-26 13:34:20 -07:00
Chris Long
9437e74c3e Update bootstrap.sh 2020-03-26 11:45:37 -07:00
Chris Long
6525456492 Update install-choco-extras.ps1 2020-03-25 22:46:55 -07:00
Chris Long
b2cf652fdc Update install-utilities.ps1 2020-03-25 22:46:19 -07:00
Chris Long
648ecec2ad Merge pull request #408 from NemoEht/patch-4 
Update to ubuntu1804_esxi.json with ssh_timeout
 2020-03-23 22:53:43 -07:00
Chris Long
ce4f9b482a Merge branch 'master' into patch-4 2020-03-23 22:53:32 -07:00
Chris Long
47f2d618ac Merge pull request #407 from clong/autoruns_wait 
Add a wait for autoruns scheduled task
 2020-03-23 22:52:36 -07:00
Chris Long
242e1a7cf3 Adding a failover for the ISO download 2020-03-23 22:51:43 -07:00
NemoEht
be0f22417f Update to ubuntu1804_esxi.json with ssh_timeout 
Added ssh_timeout of 10000 seconds (166.6667 minutes). This will keep packer from destroying the VM before it's even done with the setup process. The time can be adjusted but this helped me in the setup process.
 2020-03-23 20:36:16 -07:00
Chris Long
5dcc9965d3 Add a wait for autoruns scheduled task 2020-03-23 17:27:57 -07:00
Chris Long
d9ccdbb162 Merge pull request #403 from NemoEht/patch-1 
Update ubuntu1804_esxi.json
 2020-03-23 13:53:15 -07:00
Chris Long
7c29ef8663 Merge pull request #404 from NemoEht/patch-2 
Update windows_10_esxi.json
 2020-03-23 13:53:02 -07:00
Chris Long
cf7debb049 Merge pull request #405 from NemoEht/patch-3 
Update windows_2016_esxi.json
 2020-03-23 13:52:47 -07:00
NemoEht
f7eb80d836 Update windows_2016_esxi.json 
Updated line 40 to use the variable in the variables.json
 2020-03-23 13:42:05 -07:00
NemoEht
4e950f22f0 Update windows_10_esxi.json 
Updated line 45 to use the variable in the variables.json
 2020-03-23 13:41:25 -07:00
NemoEht
73b1e29a8f Update ubuntu1804_esxi.json 
Updated line 55 to use the variable in the variables.json
 2020-03-23 13:40:44 -07:00
Chris Long
f7543b3003 Merge pull request #402 from clong/ansible_tasks 
Break out Ansible tasks
 2020-03-23 00:32:47 -07:00
Chris Long
5084822e84 Break out Ansible tasks 2020-03-23 00:31:09 -07:00